pid.c 13.9 KB
Newer Older
L
Linus Torvalds 已提交
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
/*
 * Generic pidhash and scalable, time-bounded PID allocator
 *
 * (C) 2002-2003 William Irwin, IBM
 * (C) 2004 William Irwin, Oracle
 * (C) 2002-2004 Ingo Molnar, Red Hat
 *
 * pid-structures are backing objects for tasks sharing a given ID to chain
 * against. There is very little to them aside from hashing them and
 * parking tasks using given ID's on a list.
 *
 * The hash is always changed with the tasklist_lock write-acquired,
 * and the hash is only accessed with the tasklist_lock at least
 * read-acquired, so there's no additional SMP locking needed here.
 *
 * We have a list of bitmap pages, which bitmaps represent the PID space.
 * Allocating and freeing PIDs is completely lockless. The worst-case
 * allocation scenario when all but one out of 1 million PIDs possible are
 * allocated already: the scanning of 32 list entries and at most PAGE_SIZE
 * bytes. The typical fastpath is a single successful setbit. Freeing is O(1).
21 22 23 24 25 26
 *
 * Pid namespaces:
 *    (C) 2007 Pavel Emelyanov <xemul@openvz.org>, OpenVZ, SWsoft Inc.
 *    (C) 2007 Sukadev Bhattiprolu <sukadev@us.ibm.com>, IBM
 *     Many thanks to Oleg Nesterov for comments and help
 *
L
Linus Torvalds 已提交
27 28 29 30 31 32
 */

#include <linux/mm.h>
#include <linux/module.h>
#include <linux/slab.h>
#include <linux/init.h>
33
#include <linux/rculist.h>
L
Linus Torvalds 已提交
34 35
#include <linux/bootmem.h>
#include <linux/hash.h>
36
#include <linux/pid_namespace.h>
37
#include <linux/init_task.h>
38
#include <linux/syscalls.h>
L
Linus Torvalds 已提交
39

40 41
#define pid_hashfn(nr, ns)	\
	hash_long((unsigned long)nr + (unsigned long)ns, pidhash_shift)
42
static struct hlist_head *pid_hash;
43
static unsigned int pidhash_shift = 4;
44
struct pid init_struct_pid = INIT_STRUCT_PID;
L
Linus Torvalds 已提交
45 46 47 48 49 50 51 52 53 54

int pid_max = PID_MAX_DEFAULT;

#define RESERVED_PIDS		300

int pid_max_min = RESERVED_PIDS + 1;
int pid_max_max = PID_MAX_LIMIT;

#define BITS_PER_PAGE		(PAGE_SIZE*8)
#define BITS_PER_PAGE_MASK	(BITS_PER_PAGE-1)
S
Sukadev Bhattiprolu 已提交
55

56 57
static inline int mk_pid(struct pid_namespace *pid_ns,
		struct pidmap *map, int off)
S
Sukadev Bhattiprolu 已提交
58
{
59
	return (map - pid_ns->pidmap)*BITS_PER_PAGE + off;
S
Sukadev Bhattiprolu 已提交
60 61
}

L
Linus Torvalds 已提交
62 63 64 65 66 67 68 69 70
#define find_next_offset(map, off)					\
		find_next_zero_bit((map)->page, BITS_PER_PAGE, off)

/*
 * PID-map pages start out as NULL, they get allocated upon
 * first use and are never deallocated. This way a low pid_max
 * value does not cause lots of bitmaps to be allocated, but
 * the scheme scales to up to 4 million PIDs, runtime.
 */
71
struct pid_namespace init_pid_ns = {
C
Cedric Le Goater 已提交
72 73 74
	.kref = {
		.refcount       = ATOMIC_INIT(2),
	},
S
Sukadev Bhattiprolu 已提交
75 76 77
	.pidmap = {
		[ 0 ... PIDMAP_ENTRIES-1] = { ATOMIC_INIT(BITS_PER_PAGE), NULL }
	},
78
	.last_pid = 0,
79 80
	.level = 0,
	.child_reaper = &init_task,
S
Sukadev Bhattiprolu 已提交
81
};
82
EXPORT_SYMBOL_GPL(init_pid_ns);
L
Linus Torvalds 已提交
83

84
int is_container_init(struct task_struct *tsk)
85
{
86 87 88 89 90 91 92 93 94 95
	int ret = 0;
	struct pid *pid;

	rcu_read_lock();
	pid = task_pid(tsk);
	if (pid != NULL && pid->numbers[pid->level].nr == 1)
		ret = 1;
	rcu_read_unlock();

	return ret;
96
}
97
EXPORT_SYMBOL(is_container_init);
98

99 100 101 102 103 104 105 106 107 108 109 110 111
/*
 * Note: disable interrupts while the pidmap_lock is held as an
 * interrupt might come in and do read_lock(&tasklist_lock).
 *
 * If we don't disable interrupts there is a nasty deadlock between
 * detach_pid()->free_pid() and another cpu that does
 * spin_lock(&pidmap_lock) followed by an interrupt routine that does
 * read_lock(&tasklist_lock);
 *
 * After we clean up the tasklist_lock and know there are no
 * irq handlers that take it we can leave the interrupts enabled.
 * For now it is easier to be safe than to prove it can't happen.
 */
S
Sukadev Bhattiprolu 已提交
112

L
Linus Torvalds 已提交
113 114
static  __cacheline_aligned_in_smp DEFINE_SPINLOCK(pidmap_lock);

115
static void free_pidmap(struct upid *upid)
L
Linus Torvalds 已提交
116
{
117 118 119
	int nr = upid->nr;
	struct pidmap *map = upid->ns->pidmap + nr / BITS_PER_PAGE;
	int offset = nr & BITS_PER_PAGE_MASK;
L
Linus Torvalds 已提交
120 121 122 123 124

	clear_bit(offset, map->page);
	atomic_inc(&map->nr_free);
}

125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161
/*
 * If we started walking pids at 'base', is 'a' seen before 'b'?
 */
static int pid_before(int base, int a, int b)
{
	/*
	 * This is the same as saying
	 *
	 * (a - base + MAXUINT) % MAXUINT < (b - base + MAXUINT) % MAXUINT
	 * and that mapping orders 'a' and 'b' with respect to 'base'.
	 */
	return (unsigned)(a - base) < (unsigned)(b - base);
}

/*
 * We might be racing with someone else trying to set pid_ns->last_pid.
 * We want the winner to have the "later" value, because if the
 * "earlier" value prevails, then a pid may get reused immediately.
 *
 * Since pids rollover, it is not sufficient to just pick the bigger
 * value.  We have to consider where we started counting from.
 *
 * 'base' is the value of pid_ns->last_pid that we observed when
 * we started looking for a pid.
 *
 * 'pid' is the pid that we eventually found.
 */
static void set_last_pid(struct pid_namespace *pid_ns, int base, int pid)
{
	int prev;
	int last_write = base;
	do {
		prev = last_write;
		last_write = cmpxchg(&pid_ns->last_pid, prev, pid);
	} while ((prev != last_write) && (pid_before(base, last_write, pid)));
}

162
static int alloc_pidmap(struct pid_namespace *pid_ns)
L
Linus Torvalds 已提交
163
{
164
	int i, offset, max_scan, pid, last = pid_ns->last_pid;
165
	struct pidmap *map;
L
Linus Torvalds 已提交
166 167 168 169 170

	pid = last + 1;
	if (pid >= pid_max)
		pid = RESERVED_PIDS;
	offset = pid & BITS_PER_PAGE_MASK;
171
	map = &pid_ns->pidmap[pid/BITS_PER_PAGE];
172 173 174 175 176 177
	/*
	 * If last_pid points into the middle of the map->page we
	 * want to scan this bitmap block twice, the second time
	 * we start with offset == 0 (or RESERVED_PIDS).
	 */
	max_scan = DIV_ROUND_UP(pid_max, BITS_PER_PAGE) - !offset;
L
Linus Torvalds 已提交
178 179
	for (i = 0; i <= max_scan; ++i) {
		if (unlikely(!map->page)) {
S
Sukadev Bhattiprolu 已提交
180
			void *page = kzalloc(PAGE_SIZE, GFP_KERNEL);
L
Linus Torvalds 已提交
181 182 183 184
			/*
			 * Free the page if someone raced with us
			 * installing it:
			 */
185
			spin_lock_irq(&pidmap_lock);
186
			if (!map->page) {
S
Sukadev Bhattiprolu 已提交
187
				map->page = page;
188 189
				page = NULL;
			}
190
			spin_unlock_irq(&pidmap_lock);
191
			kfree(page);
L
Linus Torvalds 已提交
192 193 194 195 196 197 198
			if (unlikely(!map->page))
				break;
		}
		if (likely(atomic_read(&map->nr_free))) {
			do {
				if (!test_and_set_bit(offset, map->page)) {
					atomic_dec(&map->nr_free);
199
					set_last_pid(pid_ns, last, pid);
L
Linus Torvalds 已提交
200 201 202
					return pid;
				}
				offset = find_next_offset(map, offset);
203
				pid = mk_pid(pid_ns, map, offset);
204
			} while (offset < BITS_PER_PAGE && pid < pid_max);
L
Linus Torvalds 已提交
205
		}
206
		if (map < &pid_ns->pidmap[(pid_max-1)/BITS_PER_PAGE]) {
L
Linus Torvalds 已提交
207 208 209
			++map;
			offset = 0;
		} else {
210
			map = &pid_ns->pidmap[0];
L
Linus Torvalds 已提交
211 212 213 214
			offset = RESERVED_PIDS;
			if (unlikely(last == offset))
				break;
		}
215
		pid = mk_pid(pid_ns, map, offset);
L
Linus Torvalds 已提交
216 217 218 219
	}
	return -1;
}

220
int next_pidmap(struct pid_namespace *pid_ns, unsigned int last)
221 222
{
	int offset;
223
	struct pidmap *map, *end;
224

225 226 227
	if (last >= PID_MAX_LIMIT)
		return -1;

228
	offset = (last + 1) & BITS_PER_PAGE_MASK;
229 230
	map = &pid_ns->pidmap[(last + 1)/BITS_PER_PAGE];
	end = &pid_ns->pidmap[PIDMAP_ENTRIES];
231
	for (; map < end; map++, offset = 0) {
232 233 234 235
		if (unlikely(!map->page))
			continue;
		offset = find_next_bit((map)->page, BITS_PER_PAGE, offset);
		if (offset < BITS_PER_PAGE)
236
			return mk_pid(pid_ns, map, offset);
237 238 239 240
	}
	return -1;
}

241
void put_pid(struct pid *pid)
242
{
243 244
	struct pid_namespace *ns;

245 246
	if (!pid)
		return;
247

248
	ns = pid->numbers[pid->level].ns;
249
	if ((atomic_read(&pid->count) == 1) ||
250
	     atomic_dec_and_test(&pid->count)) {
251
		kmem_cache_free(ns->pid_cachep, pid);
252
		put_pid_ns(ns);
253
	}
254
}
255
EXPORT_SYMBOL_GPL(put_pid);
256 257 258 259 260 261 262

static void delayed_put_pid(struct rcu_head *rhp)
{
	struct pid *pid = container_of(rhp, struct pid, rcu);
	put_pid(pid);
}

263
void free_pid(struct pid *pid)
264 265
{
	/* We can be called with write_lock_irq(&tasklist_lock) held */
266
	int i;
267 268 269
	unsigned long flags;

	spin_lock_irqsave(&pidmap_lock, flags);
270 271
	for (i = 0; i <= pid->level; i++)
		hlist_del_rcu(&pid->numbers[i].pid_chain);
272 273
	spin_unlock_irqrestore(&pidmap_lock, flags);

274
	for (i = 0; i <= pid->level; i++)
275
		free_pidmap(pid->numbers + i);
276

277 278 279
	call_rcu(&pid->rcu, delayed_put_pid);
}

280
struct pid *alloc_pid(struct pid_namespace *ns)
281 282 283
{
	struct pid *pid;
	enum pid_type type;
284 285
	int i, nr;
	struct pid_namespace *tmp;
286
	struct upid *upid;
287

288
	pid = kmem_cache_alloc(ns->pid_cachep, GFP_KERNEL);
289 290 291
	if (!pid)
		goto out;

292 293 294 295 296
	tmp = ns;
	for (i = ns->level; i >= 0; i--) {
		nr = alloc_pidmap(tmp);
		if (nr < 0)
			goto out_free;
297

298 299 300 301 302
		pid->numbers[i].nr = nr;
		pid->numbers[i].ns = tmp;
		tmp = tmp->parent;
	}

303
	get_pid_ns(ns);
304
	pid->level = ns->level;
305 306 307 308
	atomic_set(&pid->count, 1);
	for (type = 0; type < PIDTYPE_MAX; ++type)
		INIT_HLIST_HEAD(&pid->tasks[type]);

309
	upid = pid->numbers + ns->level;
310
	spin_lock_irq(&pidmap_lock);
311
	for ( ; upid >= pid->numbers; --upid)
312 313
		hlist_add_head_rcu(&upid->pid_chain,
				&pid_hash[pid_hashfn(upid->nr, upid->ns)]);
314 315 316 317 318 319
	spin_unlock_irq(&pidmap_lock);

out:
	return pid;

out_free:
320 321
	while (++i <= ns->level)
		free_pidmap(pid->numbers + i);
322

323
	kmem_cache_free(ns->pid_cachep, pid);
324 325 326 327
	pid = NULL;
	goto out;
}

328
struct pid *find_pid_ns(int nr, struct pid_namespace *ns)
L
Linus Torvalds 已提交
329 330
{
	struct hlist_node *elem;
331 332 333 334 335 336 337
	struct upid *pnr;

	hlist_for_each_entry_rcu(pnr, elem,
			&pid_hash[pid_hashfn(nr, ns)], pid_chain)
		if (pnr->nr == nr && pnr->ns == ns)
			return container_of(pnr, struct pid,
					numbers[ns->level]);
L
Linus Torvalds 已提交
338 339 340

	return NULL;
}
341
EXPORT_SYMBOL_GPL(find_pid_ns);
L
Linus Torvalds 已提交
342

343 344 345 346 347 348
struct pid *find_vpid(int nr)
{
	return find_pid_ns(nr, current->nsproxy->pid_ns);
}
EXPORT_SYMBOL_GPL(find_vpid);

349 350 351
/*
 * attach_pid() must be called with the tasklist_lock write-held.
 */
352
void attach_pid(struct task_struct *task, enum pid_type type,
353
		struct pid *pid)
L
Linus Torvalds 已提交
354
{
355 356 357
	struct pid_link *link;

	link = &task->pids[type];
358
	link->pid = pid;
359
	hlist_add_head_rcu(&link->node, &pid->tasks[type]);
L
Linus Torvalds 已提交
360 361
}

362 363
static void __change_pid(struct task_struct *task, enum pid_type type,
			struct pid *new)
L
Linus Torvalds 已提交
364
{
365 366 367
	struct pid_link *link;
	struct pid *pid;
	int tmp;
L
Linus Torvalds 已提交
368

369 370
	link = &task->pids[type];
	pid = link->pid;
L
Linus Torvalds 已提交
371

372
	hlist_del_rcu(&link->node);
373
	link->pid = new;
L
Linus Torvalds 已提交
374

375 376 377
	for (tmp = PIDTYPE_MAX; --tmp >= 0; )
		if (!hlist_empty(&pid->tasks[tmp]))
			return;
L
Linus Torvalds 已提交
378

379
	free_pid(pid);
L
Linus Torvalds 已提交
380 381
}

382 383 384 385 386 387 388 389 390 391 392 393
void detach_pid(struct task_struct *task, enum pid_type type)
{
	__change_pid(task, type, NULL);
}

void change_pid(struct task_struct *task, enum pid_type type,
		struct pid *pid)
{
	__change_pid(task, type, pid);
	attach_pid(task, type, pid);
}

394
/* transfer_pid is an optimization of attach_pid(new), detach_pid(old) */
395
void transfer_pid(struct task_struct *old, struct task_struct *new,
396 397 398 399 400 401
			   enum pid_type type)
{
	new->pids[type].pid = old->pids[type].pid;
	hlist_replace_rcu(&old->pids[type].node, &new->pids[type].node);
}

402
struct task_struct *pid_task(struct pid *pid, enum pid_type type)
L
Linus Torvalds 已提交
403
{
404 405 406
	struct task_struct *result = NULL;
	if (pid) {
		struct hlist_node *first;
A
Arnd Bergmann 已提交
407
		first = rcu_dereference_check(hlist_first_rcu(&pid->tasks[type]),
408
					      lockdep_tasklist_lock_is_held());
409 410 411 412 413
		if (first)
			result = hlist_entry(first, struct task_struct, pids[(type)].node);
	}
	return result;
}
414
EXPORT_SYMBOL(pid_task);
L
Linus Torvalds 已提交
415

416
/*
417
 * Must be called under rcu_read_lock().
418
 */
419
struct task_struct *find_task_by_pid_ns(pid_t nr, struct pid_namespace *ns)
420
{
421 422 423
	rcu_lockdep_assert(rcu_read_lock_held(),
			   "find_task_by_pid_ns() needs rcu_read_lock()"
			   " protection");
424
	return pid_task(find_pid_ns(nr, ns), PIDTYPE_PID);
425
}
L
Linus Torvalds 已提交
426

427 428
struct task_struct *find_task_by_vpid(pid_t vnr)
{
429
	return find_task_by_pid_ns(vnr, current->nsproxy->pid_ns);
430 431
}

432 433 434 435
struct pid *get_task_pid(struct task_struct *task, enum pid_type type)
{
	struct pid *pid;
	rcu_read_lock();
436 437
	if (type != PIDTYPE_PID)
		task = task->group_leader;
438 439 440 441
	pid = get_pid(task->pids[type].pid);
	rcu_read_unlock();
	return pid;
}
442
EXPORT_SYMBOL_GPL(get_task_pid);
443

444
struct task_struct *get_pid_task(struct pid *pid, enum pid_type type)
445 446 447 448 449 450 451 452
{
	struct task_struct *result;
	rcu_read_lock();
	result = pid_task(pid, type);
	if (result)
		get_task_struct(result);
	rcu_read_unlock();
	return result;
L
Linus Torvalds 已提交
453
}
454
EXPORT_SYMBOL_GPL(get_pid_task);
L
Linus Torvalds 已提交
455

456
struct pid *find_get_pid(pid_t nr)
L
Linus Torvalds 已提交
457 458 459
{
	struct pid *pid;

460
	rcu_read_lock();
461
	pid = get_pid(find_vpid(nr));
462
	rcu_read_unlock();
L
Linus Torvalds 已提交
463

464
	return pid;
L
Linus Torvalds 已提交
465
}
466
EXPORT_SYMBOL_GPL(find_get_pid);
L
Linus Torvalds 已提交
467

468 469 470 471 472 473 474 475 476 477 478 479 480
pid_t pid_nr_ns(struct pid *pid, struct pid_namespace *ns)
{
	struct upid *upid;
	pid_t nr = 0;

	if (pid && ns->level <= pid->level) {
		upid = &pid->numbers[ns->level];
		if (upid->ns == ns)
			nr = upid->nr;
	}
	return nr;
}

E
Eric W. Biederman 已提交
481 482 483 484 485 486
pid_t pid_vnr(struct pid *pid)
{
	return pid_nr_ns(pid, current->nsproxy->pid_ns);
}
EXPORT_SYMBOL_GPL(pid_vnr);

487 488
pid_t __task_pid_nr_ns(struct task_struct *task, enum pid_type type,
			struct pid_namespace *ns)
489
{
490 491 492 493 494 495 496 497 498 499 500 501 502
	pid_t nr = 0;

	rcu_read_lock();
	if (!ns)
		ns = current->nsproxy->pid_ns;
	if (likely(pid_alive(task))) {
		if (type != PIDTYPE_PID)
			task = task->group_leader;
		nr = pid_nr_ns(task->pids[type].pid, ns);
	}
	rcu_read_unlock();

	return nr;
503
}
504
EXPORT_SYMBOL(__task_pid_nr_ns);
505 506 507 508 509 510 511

pid_t task_tgid_nr_ns(struct task_struct *tsk, struct pid_namespace *ns)
{
	return pid_nr_ns(task_tgid(tsk), ns);
}
EXPORT_SYMBOL(task_tgid_nr_ns);

512 513 514 515 516 517
struct pid_namespace *task_active_pid_ns(struct task_struct *tsk)
{
	return ns_of_pid(task_pid(tsk));
}
EXPORT_SYMBOL_GPL(task_active_pid_ns);

518
/*
519
 * Used by proc to find the first pid that is greater than or equal to nr.
520
 *
521
 * If there is a pid at nr this function is exactly the same as find_pid_ns.
522
 */
523
struct pid *find_ge_pid(int nr, struct pid_namespace *ns)
524 525 526 527
{
	struct pid *pid;

	do {
528
		pid = find_pid_ns(nr, ns);
529 530
		if (pid)
			break;
531
		nr = next_pidmap(ns, nr);
532 533 534 535 536
	} while (nr > 0);

	return pid;
}

L
Linus Torvalds 已提交
537 538 539 540 541 542 543
/*
 * The pid hash table is scaled according to the amount of memory in the
 * machine.  From a minimum of 16 slots up to 4096 slots at one gigabyte or
 * more.
 */
void __init pidhash_init(void)
{
544
	int i, pidhash_size;
L
Linus Torvalds 已提交
545

546 547 548
	pid_hash = alloc_large_system_hash("PID", sizeof(*pid_hash), 0, 18,
					   HASH_EARLY | HASH_SMALL,
					   &pidhash_shift, NULL, 4096);
L
Linus Torvalds 已提交
549 550
	pidhash_size = 1 << pidhash_shift;

551 552
	for (i = 0; i < pidhash_size; i++)
		INIT_HLIST_HEAD(&pid_hash[i]);
L
Linus Torvalds 已提交
553 554 555 556
}

void __init pidmap_init(void)
{
557 558 559 560 561 562 563
	/* bump default and minimum pid_max based on number of cpus */
	pid_max = min(pid_max_max, max_t(int, pid_max,
				PIDS_PER_CPU_DEFAULT * num_possible_cpus()));
	pid_max_min = max_t(int, pid_max_min,
				PIDS_PER_CPU_MIN * num_possible_cpus());
	pr_info("pid_max: default: %u minimum: %u\n", pid_max, pid_max_min);

564
	init_pid_ns.pidmap[0].page = kzalloc(PAGE_SIZE, GFP_KERNEL);
565
	/* Reserve PID 0. We never call free_pidmap(0) */
566 567
	set_bit(0, init_pid_ns.pidmap[0].page);
	atomic_dec(&init_pid_ns.pidmap[0].nr_free);
568

569 570
	init_pid_ns.pid_cachep = KMEM_CACHE(pid,
			SLAB_HWCACHE_ALIGN | SLAB_PANIC);
L
Linus Torvalds 已提交
571
}